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DETAILED ACTION 



1. This action is in response to the communication filed on 4/01/2005. Claims 1 - 20 
are currently pending. 

Information Disclosure Statement 

2. The information disclosure statement (IDS) submitted on 3/01/2002, the 
examiner is considering 7/24/2002, 7/28/2004 and 1/03/2005 and initialed copies of IDS 
are attached to this office action. 



Claim Rejections - 35 USC § 102 



(e) the invention was described in (1) an application for patent, published under section 122(b), by 
another filed in the United States before the invention by the applicant for patent or (2) a patent 
granted on an application for patent by another filed in the United States before the invention by the 
applicant for patent, except that an international application filed under the treaty defined in section 
351(a) shall have the effects for purposes of this subsection of an application filed In the United States 
only if the international application designated the United States and was published under Article 21 (2) 
of such treaty in the English language. 



3. Claims 1-20 are rejected under 35 U.S.C. 102(e) as being anticipated by 
Newman et al. (U.S. Patent Number 6,948,003). 
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4. Regarding Claim 1 , Newman teaches a browser module that provides 
communications access to an unprotected network from a protected network (Summary 
and Column 9 lines 28 - 65); 

a browser client module that communicates with the browser module (Summary 
and Column 9 lines 28 - 65);and 

a browser isolator module that analyzes communications between the browser 
module and the browser client module, wherein the communication between the 
browser module and the browser client module are limited to those communications 
necessary for remote operation of the browser module (Summary; Column 9 lines 28 - 
65 and Column 10 lines 33 - 48). 

5. Regarding Claim 6, Newman teaches a browser running on a virtual machine 
within a protected network (Summary and Column 9 lines 28 - 65); 

a border module that tunnels communications from an unprotected network to 
the browser via a communications tunnel, wherein only authorized communications are 
allowed between the browser and the unprotected network (Summary; Column 9 lines 
28 - 65 and Column 1 0 lines 33 - 48). 

6. Regarding Claim 1 1 , Newman teaches establishing communications between a 
browser and a browser client (Summary and Column 9 lines 28 - 65); 

inspecting the communications between the browser and the browser client (Summary 
and Column 9 lines 28 - 65); 



Application/Control Number: 10/085,130 Page 4 

Art Unit: 2136 

determining if the communications are authorized (Summary and Column 9 lines 
28-65); and 

allowing the authorized communications between the browser and the browser 
client (Summary; Column 9 lines 28-65 and Column 10 lines 33-48). 

7. Regarding Claim 14, Newman teaches enabling a browser on a virtual machine 
that is isolated from a protected network (Summary and Column 9 lines 28 - 65); 
establishing communications with a border module (Summary and Column 9 lines 28 - 
65); 

tunneling communications from the border module to the browser (Summary and 
Column 9 lines 28 - 65); and 

preventing unauthorized communications from reaching the protected network 
(Summary; Column 9 lines 28 - 65 and Column 10 lines 33 - 48). 

8. Regarding Claim 17, Newman teaches information that establishes 
communications between a browser and a browser client (Summary and Column 9 lines 
28 - 65); 

information that inspects the communications between the browser and the 
browser client (Summary and Column 9 lines 28 - 65); 

information that determines if the communications are authorized; and 
information that allows the authorized communications between the browser 
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and the browser client (Summary; Column 9 lines 28 - 65 and Column 10 lines 33 - 
48). 

9. Regarding Claim 18. Newman teaches information that enables a browser on a 
virtual machine that is isolated from a protected network (Summary and Column 9 lines 
28-65); 

information that establishes communications with a border module (Summary 
and Column 9 lines 28 - 65); 

information that tunnels communications from the border module to the browser 
(Summary and Column 9 lines 28 - 65); and 

information that prevents unauthorized communications from reaching the 
protected network (Summary; Column 9 lines 28 - 65 and Column 10 lines 33 - 48). 

10. Regarding Claim 19, Newman teaches means for providing communications 
access to an unprotected network from a protected network (Summary and Column 9 
lines 28 - 65); 

means for communicating with a browser module (Summary and Column 9 lines 
28 - 65); and 

means for analyzing communications between the browser module and the a 
browser client module, wherein the communication between the browser module and 
the browser client module are limited to those communications necessary for remote 
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operation of the browser module (Summary; Column 9 lines 28 - 65 and Column 10 
lines 33 - 48). 

11. Regarding Claim 20, Newman teaches means for running a virtual machine 
within a protected network (Summary and Column 9 lines 28 - 65); and 

means for tunneling communications from an unprotected network to a browser 
running on the virtual machine via a communications tunnel, wherein only authorized 
communications are allowed between the browser and the unprotected network 
(Summary; Column 9 lines 28 - 65 and Column 10 lines 33 - 48). 

12. Claim 2 is rejected as applied above in rejecting Claim 1. Furthermore, Newman 
teaches a browser isolator module that is capable of preventing unauthorized 
communications between the browser module and the browser client module 
(Summary; Column 9 lines 28 - 65 and Column 10 lines 33 - 48). 

13. Claim 4 is rejected as applied above in rejecting Claim 1. Furthermore, Newman 
teaches the browser module comprises a distributed network browser (Summary and 
Column 9 lines 28 - 65). 

14. Claim 5 is rejected as applied above in rejecting Claim 1 . Furthermore, Newman 
teaches wherein the protected network is isolated from unauthorized communications 
received from the unprotected network. 
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15. Claim 7 is rejected as applied above in rejecting Claim 6. Furthermore, Newman 
teaches comprising a tunnel restrictor module that limits communications from the 
border module to the virtual machine to those communications authorized for browser 
operability (Summary; Column 9 lines 28 - 65 and Column 10 lines 33 - 48). 

16. Claim 8 is rejected as applied above in rejecting Claim 6. Furthermore, Newman 
teaches wherein the virtual machine is isolated from the protected network (Summary 
and Column 9 lines 28 - 65). 

17. Claims 9 and 16 are rejected as applied above in rejecting Claims 6 and 14. 
Furthermore, Newman teaches wherein communications from the unprotected 
network are encapsulated and fonA^arded to the virtual machine (Summary and Column 
9 lines 28 - 65). 

18. Claim 10 is rejected as applied above in rejecting Claim 6. Furthermore, Newman 
teaches wherein protected information on the protected network is prevented from 
reaching the unprotected network (Summary; Column 9 lines 28 - 65 and Column 10 
lines 33 - 48). 

19. Claim 12 is rejected as applied above in rejecting Claim 1 1 . Furthermore, 
Newman teaches wherein the communication between the browser module and the 
browser client module are limited to those communications necessary for remote 
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operation of the browser module (Summary; Column 9 lines 28 - 65 and Column 10 
lines 33 - 48). 

20. Claim 15 is rejected as applied above in rejecting Claim 1. Furthermore, Newman 
teaches further comprising limiting communications from the border module to the 
virtual machine to those communications authorized for browser operability (Summary 
and Column 9 lines 28 - 65). 

21. Claims 3 and 13 are rejected as applied above in rejecting Claims 2 and 1 1 . 
Furthermore, Newman teaches wherein the browser isolator module screens at least 
one of the following types of information to determine of the communication is 
authorized: source and destination ports, user information, origination information, host 
information, destination information, character information, IP address information, 
display identification, session information, display class, display number, TCP 
information, and date and/or time information (Summary; Column 9 lines 28 - 65 and 
Column 10 lines 33-48). 
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Conclusion 

22. Examiner's Note: Examiner has cited particular columns and line numbers in the 
references as applied to the claims above for the convenience of the applicant. 
Although the specified citations are representative of the teachings in the art and are 
applied to the specific limitations within the individual claim, other passages and figures 
may apply as well. It is respectfully requested from the applicant, in preparing the 
responses, to fully consider the references in entirety as potentially teaching all or part 
of the claimed invention, as well as the context of the passage as taught by the prior art 
or disclosed by the examiner. 

23. The prior art made of record and not relied upon is considered pertinent to 
applicant's disclosure. See PTO Form 892. 

Applicant is urged to consider the references. However, the references should be 
evaluated by what they suggest to one versed in the art, rather than by their specific 
disclosure. If applicants are aware of any better prior art than those are cited, they are 
required to bring the prior art to the attention of the examiner. 

24. Any inquiry concerning this communication or earlier communications from the 
examiner should be directed to Pramila Parthasarathy whose telephone number is 571- 
272-3866. The examiner can normally be reached on 8:00a.m. To 5:00p.m.. If attempts 
to reach the examiner by telephone are unsuccessful, the examiner's supervisor, Ayaz 
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Sheikh can be reached on 571-232-3795. Any inquiry of a general nature or relating to 
the status of this application or proceeding should be directed to the receptionist whose 
telephone number is 703-305-3900. 

Information regarding the status of an application may be obtained from the 
Patent Application Information Retrieval (PAIR) system. Status information for published 
applications may be obtained from either Private PAIR or Public PAIR only. For more 
information about the PAIR system, contact the Electronic Business Center (EBC) at 
866-217-9197 (toll-free). 



Pramila Parthasarathy 
March 11, 2006. 
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